package com.ershui.blog.config;

import com.ershui.blog.config.shiro.UserRealm;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * Shiro权限配置加载
 * @author jinbin
 */
@Configuration
public class ShiroConfig {

    @Bean
    public UserRealm myShiroRealm(){
        UserRealm userRealm=new UserRealm();
        return  userRealm;
    }

    @Bean
    public DefaultWebSecurityManager securityManager(){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //设置realm
        securityManager.setRealm(myShiroRealm());
        //记住我
        securityManager.setRememberMeManager(rememberMeManager());
        //session管理
        securityManager.setSessionManager(sessionManager());
        return securityManager;
    }

    @Bean
    public SessionManager sessionManager(){
        DefaultWebSessionManager session=new DefaultWebSessionManager();
        //去掉shiro登录的时候url地址栏带jessionId
        session.setSessionIdUrlRewritingEnabled(false);
        return session;
    }

    /**
     * 记住我
     * @return
     */
    public CookieRememberMeManager rememberMeManager(){
        CookieRememberMeManager cookieRemember=new CookieRememberMeManager();
        cookieRemember.setCookie(remembermeCookie());
        return cookieRemember;
    }

    /**
     * 记住我cookie
     * @return
     */
    public SimpleCookie remembermeCookie(){
        SimpleCookie remembermeCookie=new SimpleCookie("rememberMe");
        remembermeCookie.setHttpOnly(true);
        //七天免登录
        remembermeCookie.setMaxAge(7*24*60*60);
        return remembermeCookie;
    }

    @Bean
    public ShiroFilterFactoryBean shirFilter(DefaultWebSecurityManager securityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean=new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        //拦截器
        Map<String,String> fiterChainDefinitionMap=new LinkedHashMap<>();
        //配置不会被拦截的链接，顺序判断
        fiterChainDefinitionMap.put("/static/**","anon");
        fiterChainDefinitionMap.put("/js/**","anon");
        fiterChainDefinitionMap.put("/image/**","anon");
        fiterChainDefinitionMap.put("/images/**","anon");
        fiterChainDefinitionMap.put("/css/**","anon");
        fiterChainDefinitionMap.put("/lib/**","anon");
        fiterChainDefinitionMap.put("/api/**","anon");
        fiterChainDefinitionMap.put("/jpg/**","anon");
        fiterChainDefinitionMap.put("/boke/**","anon");
        fiterChainDefinitionMap.put("/login","anon");
        fiterChainDefinitionMap.put("/defaultKaptcha","anon");
        //博客前端接口使用
        fiterChainDefinitionMap.put("/Blog/**","anon");
        fiterChainDefinitionMap.put("/login.html","anon");
        fiterChainDefinitionMap.put("/baidu_verify_code-lmaQRwU5uh.html","anon");

        //配置退出过滤器，其中具体的退出shiro已经替我们实现了
        fiterChainDefinitionMap.put("/logout","logout");
        //过滤链定义，authc:所有的url都必须认证通过才可以访问；anon:所有的url都可以匿名访问
        fiterChainDefinitionMap.put("/**","authc");
        //如果不设置默认会自动寻找web工程根目录下的login.jsp页面
        shiroFilterFactoryBean.setLoginUrl("/boke/index.html");
        //登录成功后要跳转的页面
        shiroFilterFactoryBean.setSuccessUrl("/index.html");
        //未授权页面
        shiroFilterFactoryBean.setUnauthorizedUrl("/page/404.html");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(fiterChainDefinitionMap);
        return  shiroFilterFactoryBean;
    }

}
